<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN"
"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head><meta http-equiv="content-type" content="text/html; charset=utf-8" />
<title>[6782] sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor: 2FA Make login markup and styles blend in better</title>
</head>
<body>
<style type="text/css"><!--
#msg dl.meta { border: 1px #006 solid; background: #369; padding: 6px; color: #fff; }
#msg dl.meta dt { float: left; width: 6em; font-weight: bold; }
#msg dt:after { content:':';}
#msg dl, #msg dt, #msg ul, #msg li, #header, #footer, #logmsg { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; }
#msg dl a { font-weight: bold}
#msg dl a:link { color:#fc3; }
#msg dl a:active { color:#ff0; }
#msg dl a:visited { color:#cc6; }
h3 { font-family: verdana,arial,helvetica,sans-serif; font-size: 10pt; font-weight: bold; }
#msg pre { overflow: auto; background: #ffc; border: 1px #fa0 solid; padding: 6px; }
#logmsg { background: #ffc; border: 1px #fa0 solid; padding: 1em 1em 0 1em; }
#logmsg p, #logmsg pre, #logmsg blockquote { margin: 0 0 1em 0; }
#logmsg p, #logmsg li, #logmsg dt, #logmsg dd { line-height: 14pt; }
#logmsg h1, #logmsg h2, #logmsg h3, #logmsg h4, #logmsg h5, #logmsg h6 { margin: .5em 0; }
#logmsg h1:first-child, #logmsg h2:first-child, #logmsg h3:first-child, #logmsg h4:first-child, #logmsg h5:first-child, #logmsg h6:first-child { margin-top: 0; }
#logmsg ul, #logmsg ol { padding: 0; list-style-position: inside; margin: 0 0 0 1em; }
#logmsg ul { text-indent: -1em; padding-left: 1em; }#logmsg ol { text-indent: -1.5em; padding-left: 1.5em; }
#logmsg > ul, #logmsg > ol { margin: 0 0 1em 0; }
#logmsg pre { background: #eee; padding: 1em; }
#logmsg blockquote { border: 1px solid #fa0; border-left-width: 10px; padding: 1em 1em 0 1em; background: white;}
#logmsg dl { margin: 0; }
#logmsg dt { font-weight: bold; }
#logmsg dd { margin: 0; padding: 0 0 0.5em 0; }
#logmsg dd:before { content:'\00bb';}
#logmsg table { border-spacing: 0px; border-collapse: collapse; border-top: 4px solid #fa0; border-bottom: 1px solid #fa0; background: #fff; }
#logmsg table th { text-align: left; font-weight: normal; padding: 0.2em 0.5em; border-top: 1px dotted #fa0; }
#logmsg table td { text-align: right; border-top: 1px dotted #fa0; padding: 0.2em 0.5em; }
#logmsg table thead th { text-align: center; border-bottom: 1px solid #fa0; }
#logmsg table th.Corner { text-align: left; }
#logmsg hr { border: none 0; border-top: 2px dashed #fa0; height: 1px; }
#header, #footer { color: #fff; background: #636; border: 1px #300 solid; padding: 6px; }
#patch { width: 100%; }
#patch h4 {font-family: verdana,arial,helvetica,sans-serif;font-size:10pt;padding:8px;background:#369;color:#fff;margin:0;}
#patch .propset h4, #patch .binary h4 {margin:0;}
#patch pre {padding:0;line-height:1.2em;margin:0;}
#patch .diff {width:100%;background:#eee;padding: 0 0 10px 0;overflow:auto;}
#patch .propset .diff, #patch .binary .diff {padding:10px 0;}
#patch span {display:block;padding:0 10px;}
#patch .modfile, #patch .addfile, #patch .delfile, #patch .propset, #patch .binary, #patch .copfile {border:1px solid #ccc;margin:10px 0;}
#patch ins {background:#dfd;text-decoration:none;display:block;padding:0 10px;}
#patch del {background:#fdd;text-decoration:none;display:block;padding:0 10px;}
#patch .lines, .info {color:#888;background:#fff;}
--></style>
<div id="msg">
<dl class="meta" style="font-size: 105%">
<dt style="float: left; width: 6em; font-weight: bold">Revision</dt> <dd><a style="font-weight: bold" href="http://meta.trac.wordpress.org/changeset/6782">6782</a><script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","description":"Review this Commit","action":{"@type":"ViewAction","url":"http://meta.trac.wordpress.org/changeset/6782","name":"Review Commit"}}</script></dd>
<dt style="float: left; width: 6em; font-weight: bold">Author</dt> <dd>obenland</dd>
<dt style="float: left; width: 6em; font-weight: bold">Date</dt> <dd>2018-02-27 02:40:12 +0000 (Tue, 27 Feb 2018)</dd>
</dl>
<pre style='padding-left: 1em; margin: 2em 0; border-left: 2px solid #ccc; line-height: 1.25; font-size: 105%; font-family: sans-serif'>2FA Make login markup and styles blend in better
See <a href="http://meta.trac.wordpress.org/ticket/77">#77</a>.</pre>
<h3>Modified Paths</h3>
<ul>
<li><a href="#sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorprimaryphp">sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-primary.php</a></li>
<li><a href="#sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorsecondaryphp">sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-secondary.php</a></li>
<li><a href="#sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorwporgtwofactorphp">sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php</a></li>
</ul>
<h3>Removed Paths</h3>
<ul>
<li>sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/css/</li>
</ul>
</div>
<div id="patch">
<h3>Diff</h3>
<a id="sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorprimaryphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-primary.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-primary.php 2018-02-27 02:30:31 UTC (rev 6781)
+++ sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-primary.php 2018-02-27 02:40:12 UTC (rev 6782)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -33,4 +33,30 @@
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> return $this->is_valid_authcode( $key, $code );
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+
+ /**
+ * Prints the form that prompts the user to authenticate.
+ *
+ * @param WP_User $user WP_User object of the logged-in user.
+ */
+ public function authentication_page( $user ) {
+ require_once ABSPATH . '/wp-admin/includes/template.php';
+ ?>
+ <p>
+ <label for="authcode"><?php esc_html_e( 'Authentication Code:', 'wporg' ); ?></label>
+ <input type="tel" name="authcode" id="authcode" class="input" value="" size="20" pattern="[0-9]*" />
+ </p>
+ <script type="text/javascript">
+ setTimeout( function(){
+ var d;
+ try{
+ d = document.getElementById( 'authcode' );
+ d.value = '';
+ d.focus();
+ } catch(e){}
+ }, 200);
+ </script>
+ <?php
+ submit_button( __( 'Authenticate', 'wporg' ), 'primary', 'submit', false );
+ }
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">\ No newline at end of file
</span></span></pre></div>
<a id="sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorprovidersclasswporgtwofactorsecondaryphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-secondary.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-secondary.php 2018-02-27 02:30:31 UTC (rev 6781)
+++ sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/providers/class-wporg-two-factor-secondary.php 2018-02-27 02:40:12 UTC (rev 6782)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -33,26 +33,25 @@
</span><span class="cx" style="display: block; padding: 0 10px"> $slack_enabled = isset( $this->providers['WPORG_Two_Factor_Slack'] ) && $this->providers['WPORG_Two_Factor_Slack']->is_available_for_user( $user );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><span class="cx" style="display: block; padding: 0 10px"> if ( $email_enabled && $slack_enabled ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- echo '<p>' . __( 'Enter the verification code sent to your Email, Slack, or a printed backup code.', 'wporg' ) . '</p>';
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ echo '<p class="intro">' . __( 'Enter the verification code sent to your Email, Slack, or a backup code.', 'wporg' ) . '</p>';
</ins><span class="cx" style="display: block; padding: 0 10px"> } elseif ( $email_enabled ) {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- echo '<p>' . __( 'Enter the verification code sent to your Email, or a printed backup code.', 'wporg' ) . '</p>';
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ echo '<p class="intro">' . __( 'Enter the verification code sent to your Email, or a backup code.', 'wporg' ) . '</p>';
</ins><span class="cx" style="display: block; padding: 0 10px"> } else {
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- echo '<p>' . __( 'Enter a printed backup code.', 'wporg' ) . '</p>';
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ echo '<p class="intro">' . __( 'Enter a backup code.', 'wporg' ) . '</p>';
</ins><span class="cx" style="display: block; padding: 0 10px"> }
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- ?>
</del><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ if ( $email_enabled || $slack_enabled ) : ?>
+ <p class="two-factor-email-resend intro">
+ <button type="submit" class="button-link" name="two-factor-backup-resend"><span class="dashicons-before dashicons-controls-repeat"><?php esc_html_e( 'Resend Code', 'wporg' ); ?></span></button>
+ </p>
+ <?php endif; ?>
+
</ins><span class="cx" style="display: block; padding: 0 10px"> <p>
</span><span class="cx" style="display: block; padding: 0 10px"> <label for="authcode"><?php esc_html_e( 'Verification Code:', 'wporg' ); ?></label>
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <input type="tel" name="two-factor-backup-code" id="authcode" class="input" value="" size="20" pattern="[0-9]{6,20}" title="<?php esc_attr_e( 'Codes are at least 6 decimal digits' ); ?>" />
- <?php submit_button( __( 'Authenticate', 'wporg' ) ); ?>
</del><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ <input type="tel" name="two-factor-backup-code" id="authcode" class="input" value="" size="20" pattern="[0-9]{6,20}" title="<?php esc_attr_e( 'Codes are at least 6 decimal digits', 'wporg' ); ?>" />
+ <?php submit_button( __( 'Authenticate', 'wporg' ), 'primary', 'submit', false ); ?>
</ins><span class="cx" style="display: block; padding: 0 10px"> </p>
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- <?php if ( $email_enabled || $slack_enabled ) { ?>
- <p class="two-factor-email-resend">
- <input type="submit" class="button" name="two-factor-backup-resend" value="<?php esc_attr_e( 'Resend Code', 'wporg' ); ?>" />
- </p>
- <?php } ?>
-
</del><span class="cx" style="display: block; padding: 0 10px"> <script type="text/javascript">
</span><span class="cx" style="display: block; padding: 0 10px"> setTimeout( function(){
</span><span class="cx" style="display: block; padding: 0 10px"> var d;
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -78,9 +77,6 @@
</span><span class="cx" style="display: block; padding: 0 10px"> ];
</span><span class="cx" style="display: block; padding: 0 10px"> $providers = apply_filters( 'wporg_two_factor_secondary_providers', $providers );
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">- // Add some CSS for this clss.
- wp_enqueue_style( 'two-factor-login', plugins_url( '/css/login.css', dirname( __FILE__ ) ) );
-
</del><span class="cx" style="display: block; padding: 0 10px"> foreach ( $providers as $class => $path ) {
</span><span class="cx" style="display: block; padding: 0 10px"> include_once( $path );
</span><span class="cx" style="display: block; padding: 0 10px">
</span></span></pre></div>
<a id="sitestrunkwordpressorgpublic_htmlwpcontentpluginswporgtwofactorwporgtwofactorphp"></a>
<div class="modfile"><h4 style="background-color: #eee; color: inherit; margin: 1em 0; padding: 1.3em; font-size: 115%">Modified: sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php</h4>
<pre class="diff"><span>
<span class="info" style="display: block; padding: 0 10px; color: #888">--- sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php 2018-02-27 02:30:31 UTC (rev 6781)
+++ sites/trunk/wordpress.org/public_html/wp-content/plugins/wporg-two-factor/wporg-two-factor.php 2018-02-27 02:40:12 UTC (rev 6782)
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -205,7 +205,6 @@
</span><span class="cx" style="display: block; padding: 0 10px"> exit;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><del style="background-color: #fdd; text-decoration:none; display:block; padding: 0 10px">-
</del><span class="cx" style="display: block; padding: 0 10px"> /**
</span><span class="cx" style="display: block; padding: 0 10px"> * Add short description. @todo
</span><span class="cx" style="display: block; padding: 0 10px"> *
</span><span class="lines" style="display: block; padding: 0 10px; color: #888">@@ -230,6 +229,134 @@
</span><span class="cx" style="display: block; padding: 0 10px"> exit;
</span><span class="cx" style="display: block; padding: 0 10px"> }
</span><span class="cx" style="display: block; padding: 0 10px">
</span><ins style="background-color: #dfd; text-decoration:none; display:block; padding: 0 10px">+ /**
+ * Display the login form.
+ *
+ * @since 0.1-dev
+ *
+ * @param WP_User $user WP_User object of the logged-in user.
+ */
+ public static function show_two_factor_login( $user ) {
+ if ( ! $user ) {
+ $user = wp_get_current_user();
+ }
+
+ $login_nonce = self::create_login_nonce( $user->ID );
+ if ( ! $login_nonce ) {
+ wp_die( esc_html__( 'Failed to create a login nonce.', 'two-factor' ) );
+ }
+
+ $redirect_to = isset( $_REQUEST['redirect_to'] ) ? $_REQUEST['redirect_to'] : $_SERVER['REQUEST_URI'];
+
+ self::login_html( $user, $login_nonce['key'], $redirect_to );
+ }
+
+ /**
+ * Generates the html form for the second step of the authentication process.
+ *
+ * @since 0.1-dev
+ *
+ * @param WP_User $user WP_User object of the logged-in user.
+ * @param string $login_nonce A string nonce stored in usermeta.
+ * @param string $redirect_to The URL to which the user would like to be redirected.
+ * @param string $error_msg Optional. Login error message.
+ * @param string|object $provider An override to the provider.
+ */
+ public static function login_html( $user, $login_nonce, $redirect_to, $error_msg = '', $provider = null ) {
+ if ( empty( $provider ) ) {
+ $provider = self::get_primary_provider_for_user( $user->ID );
+ } elseif ( is_string( $provider ) && method_exists( $provider, 'get_instance' ) ) {
+ $provider = call_user_func( array( $provider, 'get_instance' ) );
+ }
+
+ $provider_class = get_class( $provider );
+
+ $available_providers = self::get_available_providers_for_user( $user );
+ $backup_providers = array_diff_key( $available_providers, array( $provider_class => null ) );
+ $interim_login = isset( $_REQUEST['interim-login'] ); // WPCS: override ok.
+ $wp_login_url = wp_login_url();
+
+ $rememberme = $_REQUEST['rememberme'] ?? 0;
+
+ $backup_classname = key( $backup_providers );
+ $backup_provider = $backup_providers[ $backup_classname ];
+
+ if ( ! function_exists( 'login_header' ) ) {
+ // We really should migrate login_header() out of `wp-login.php` so it can be called from an includes file.
+ include_once( TWO_FACTOR_DIR . 'includes/function.login-header.php' );
+ }
+
+ $wp_error = new \WP_Error();
+ if ( isset( $_REQUEST['two-factor-backup-resend'] ) ) {
+ $wp_error->add( 'codes-resent', esc_html__( 'Codes were re-sent.', 'wporg' ), 'message' );
+ }
+ if ( ! empty( $error_msg ) ) {
+ $wp_error->add( 'authentication-error', esc_html( $error_msg ) );
+ }
+
+ login_header( __( 'Authenticate', 'wporg' ), '', $wp_error );
+ ?>
+
+ <form name="validate_2fa_form" id="loginform" action="<?php echo esc_url( set_url_scheme( add_query_arg( 'action', 'validate_2fa', $wp_login_url ), 'login_post' ) ); ?>" method="post" autocomplete="off">
+ <input type="hidden" name="provider" id="provider" value="<?php echo esc_attr( $provider_class ); ?>" />
+ <input type="hidden" name="wp-auth-id" id="wp-auth-id" value="<?php echo esc_attr( $user->ID ); ?>" />
+ <input type="hidden" name="wp-auth-nonce" id="wp-auth-nonce" value="<?php echo esc_attr( $login_nonce ); ?>" />
+ <?php if ( $interim_login ) : ?>
+ <input type="hidden" name="interim-login" value="1" />
+ <?php else : ?>
+ <input type="hidden" name="redirect_to" value="<?php echo esc_attr( $redirect_to ); ?>" />
+ <?php endif; ?>
+ <input type="hidden" name="rememberme" id="rememberme" value="<?php echo esc_attr( $rememberme ); ?>" />
+
+ <?php $provider->authentication_page( $user ); ?>
+ </form>
+ </div><!-- Opened in login_header() -->
+
+ <?php if ( empty( $_GET['action'] ) ) : ?>
+ <div class="backup-methods-wrap">
+ <a href="<?php echo esc_url( add_query_arg( urlencode_deep( array(
+ 'action' => 'backup_2fa',
+ 'provider' => $backup_classname,
+ 'wp-auth-id' => $user->ID,
+ 'wp-auth-nonce' => $login_nonce,
+ 'redirect_to' => $redirect_to,
+ 'rememberme' => $rememberme,
+ ) ), $wp_login_url ) ); ?>"><?php esc_html_e( 'Try another way to sign in →', 'wporg' ); ?></a>
+ </div>
+ <?php endif; ?>
+
+ <style>
+ body:not(.login-action-backup_2fa):not(.login-action-validate_2fa) #login {
+ margin-bottom: 0;
+ }
+ .login-action-backup_2fa #login,
+ .login-action-validate_2fa #login {
+ margin-bottom: 24px;
+ }
+ .backup-methods-wrap {
+ margin: 24px 0;
+ text-align: center;
+ }
+ .backup-methods-wrap a {
+ color: #999;
+ text-decoration: none;
+ }
+ /* Prevent Jetpack from hiding our controls, see https://github.com/Automattic/jetpack/issues/3747 */
+ .jetpack-sso-form-display #loginform > p,
+ .jetpack-sso-form-display #loginform > div {
+ display: block;
+ }
+ </style>
+
+ <?php
+ /** This action is documented in wp-login.php */
+ do_action( 'login_footer' ); ?>
+ <div class="clear"></div>
+ </body>
+ </html>
+ <?php
+ }
+
</ins><span class="cx" style="display: block; padding: 0 10px"> public function two_factor_providers() {
</span><span class="cx" style="display: block; padding: 0 10px"> return array(
</span><span class="cx" style="display: block; padding: 0 10px"> 'WPORG_Two_Factor_Primary' => __DIR__ . '/providers/class-wporg-two-factor-primary.php',
</span></span></pre>
</div>
</div>
</body>
</html>